Cybersecurity & Email Infrastructure Manager

Job Title:

Department:

Reporting To:

Location:

Employment Type:

Position Overview

Cybersecurity & Email Infrastructure Manager

This role demands a hands-on technical leader who can configure, monitor, and continuously improve the company’s data and network security posture — covering areas like phishing prevention, impersonation protection, data leakage control, and multi-level access management across internal and client-facing systems.

Key Responsibilities

1. Data & Infrastructure Security

• Design, implement, and oversee end-to-end data protection protocols across servers, workstations, and cloud platforms (GCP, AWS, Azure).
• Regularly conduct

  vulnerability assessments, penetration testing, and patch management

  for company systems.
• Enforce encryption standards, secure backups, and controlled data retention practices.
• Manage endpoint security (EDR/AV tools), and implement real-time monitoring for intrusion and anomaly detection.
  

2. Email Infrastructure Management

• Administer and secure the company’s email systems (Google Workspace / Microsoft 365 / custom SMTP).
• Configure and maintain

  DNS-level authentication

  records —

  SPF, DKIM, DMARC

  — ensuring proper mail delivery and protection against spoofing or impersonation.
• Manage

  SMTP routing, relay settings, and email relay servers

  to ensure optimal deliverability and reputation.
• Implement and monitor

  anti-spam, anti-malware, and phishing filters

  , and maintain block/allow lists.
• Oversee

  email archiving, backup, retention, and DLP policies

  to prevent sensitive information leaks.
• Ensure proper setup of

  email routing for multiple domains, subdomains, and alias-based groups

  (internal + client communication).
• Coordinate with external hosting providers, ESPs, and DNS registrars to resolve deliverability or reputation issues (e.g., IP warming, sender score management).
• Ensure that all company users adhere to

  email usage protocols and two-factor authentication

  on corporate accounts.

3. Phishing, Impersonation & Threat Defense

• Deploy and manage

  anti-phishing and impersonation prevention systems

  (e.g., Barracuda, Mimecast, Proofpoint, Google Advanced Protection).
• Monitor for

  domain spoofing, look-alike domains, and unauthorized mail relays.

• Conduct

  regular phishing simulation exercises

  and employee awareness campaigns.
• Investigate any suspicious activity, compromised credentials, or unauthorized access attempts.
  

4. Multi-Level Access Control & Identity Governance

• Establish and maintain

  Role-Based Access Control (RBAC)

  and

  Multi-Factor Authentication (MFA)

  across all company tools and data systems.
• Audit and review user permissions across GitHub, internal dashboards, APIs, CRMs, and third-party integrations.
• Manage employee onboarding/offboarding security workflows including credential revocation and data access deactivation.
• Implement

  SSO and password policy standards

  company-wide.

5. Data Leakage Prevention & Compliance

• Deploy and monitor

  Data Loss Prevention (DLP)

  tools across endpoints, cloud drives, and email systems.
• Establish data classification and handling protocols based on sensitivity levels.
• Ensure compliance with

  Indian IT Act, ISO 27001

  , and

  global privacy frameworks (GDPR, SOC 2)

  relevant to client data handling.
• Generate periodic

  security audit reports

  and maintain documentation for compliance and internal review.

6. Incident Response & Security Operations

• Create and manage an

  Incident Response Plan (IRP)

  for handling breaches, leaks, and ransomware threats.
• Perform

  forensic analysis

  of compromised systems and ensure fast containment and remediation.
• Maintain detailed logs, timelines, and post-incident review documents.
• Report high-risk vulnerabilities or breaches directly to the CTO and leadership team.
  

7. Training & Awareness

• Conduct internal workshops on

  phishing identification, safe email practices, and data handling.

• Publish periodic security advisories and actionable checklists for employees.
• Foster a culture of security awareness and accountability across departments.
  

Qualifications & Skills

Education:

• Bachelor’s or Master’s in Computer Science, Cybersecurity, Information Technology, or related field.

Certifications (Preferred):

• CEH / CISSP / CompTIA Security+ / ISO 27001 Lead Implementer / Google Workspace Admin Certification.

Technical Skills:

• Deep understanding of

  email security (SPF, DKIM, DMARC, MTA/SMTP routing, mail relay servers)

  .
• Strong grasp of

  SIEM systems

  ,

  endpoint protection

  ,

  firewalls

  ,

  VPN

  , and

  identity management

  tools.
• Experience with

  Google Workspace Admin Console, Microsoft Exchange, DNS, and Cloudflare Security.

• Familiarity with

  phishing detection tools

  ,

  threat intelligence systems

  , and

  incident response workflows.

Soft Skills:

• Analytical and detail-oriented mindset.
• Excellent documentation and reporting ability.
• Strong communication and coordination skills across tech and non-tech teams.
• High integrity, confidentiality, and accountability for information protection.
  

Performance Indicators

• Successful configuration and monitoring of SPF/DKIM/DMARC across all company domains.
• Reduced phishing or spoofing incidents quarter over quarter.
• Timely detection and resolution of vulnerabilities.
• 100% compliance on user access audits and data protection standards.
• Positive results in periodic internal/external security audits.